Greetings, Script Kiddie

Hey, the lab just got hit by an exploit. Somewhere out there in boredom land, some slurpee drunk fool found our IP and decided to sharpen his wits on the Microsoft side of our server structure. Tapping with his fiendish fingers, he launched a script to exploit a buffer overrun vulnerability in the Microsoft remote procedure call implementation. No, I don’t know what that really means, but I’m willing to bet Acne X out there doesn’t either. Let’s see, it’s 4:18. Assuming he’s left coast, high school got out around 3:15, that gives him half an hour to get home, 15 minutes to dump his gear and log on, and 5 minutes to scan for an unprotected IP and 5 minutes to work up the nerve to press the button. Or type the command, I hope whatever the automated version of the exploit looks like from the user end, that it’s at least command line driven.

Oh, he did it again. Clever monkey this one.

Now, obviously he didn’t do a good enough job to stop me from uploading this – in fact the only visible signs that we were hit were a couple of Windows boxes that hadn’t had recent security patches installed receiving remote shutdown commands. And I suppose the uncharacteristic swearing of our usually laid back IT guy as he surveys the flashing lights on the network switch may be an indication there are some deeper effects that I’m not aware of. However, one of the two workstations that went down was the boss’ laptop, so things around here are stirring.

It’s a little bit like a power out during a big storm. Except we don’t actually get to stop working. Or go outside. At least it provides a little entertainment. Greetings, script kiddie. Just don’t delete anything okay?
